02b42c7c2670d4f846ffb6202631444e020324142ca10f44019ef19de7231cdb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02b42c7c2670d4f846ffb6202631444e020324142ca10f44019ef19de7231cdb
Size

303KB
MD5

6dd6fd20b38a18c1755337ce4cfe9424
SHA1

b506bcd5994a394dfeec77dc921d8c667f12aa2c
SHA256

02b42c7c2670d4f846ffb6202631444e020324142ca10f44019ef19de7231cdb
SHA512

7a6e89db373969ea986370aba09e2cdff5a217a5de8dd5afd4c8224228d928da356fe1cdef1b61229e3999849351b0b4f0d77989aeb22c5439568118cc31afd2
SSDEEP

6144:E5MzbT4IV0xgtPN5YjMZ75LTmmANlvhNoXGPLA6TxLX/0:ESEIyxaYEgnpwm1R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02b42c7c2670d4f846ffb6202631444e020324142ca10f44019ef19de7231cdb

Files

02b42c7c2670d4f846ffb6202631444e020324142ca10f44019ef19de7231cdb
.exe windows:5 windows x86 arch:x86

3163fd4017ed7715e65f3d6bf5f46502

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GlobalSize
DeleteFileA
WriteFile
SuspendThread
GetModuleHandleA
GetLocaleInfoA
GetPriorityClass
GetStdHandle
ResumeThread
CreatePipe
GetProcessHeap
IsBadReadPtr
GetFileAttributesW
CreateDirectoryA
ResumeThread
HeapSize
GetCommandLineA
GetDriveTypeA
VirtualProtect
SetEndOfFile
ReadConsoleA

user32

SetRect
DestroyMenu
SetCursor
GetScrollInfo
PeekMessageA
LoadCursorA
wsprintfA
DestroyIcon
GetWindowLongA
DispatchMessageA
GetWindowLongA
DrawIcon
GetWindowTextW

els

DllCanUnloadNow
DllUnregisterServer
DllGetClassObject
DllRegisterServer

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE